The Canadian Internet Registration Authority (CIRA) published its 2019 Cybersecurity Survey Report today, which takes a look at the country’s cybersecurity landscape.
The survey asked over 500 respondents related to direct IT security decision-making at both public and private organizations, how they were dealing with cyber threats.
The report’s key findings saw “71 per cent of organizations reported experiencing at least one cyber-attack that impacted the organization in some way, including time and resources, out of pocket expenses, and paying ransom,” explains the CIRA.
Other statistics from the survey also paint a similarly bleak cybersecurity picture, noting a lack of cybersecurity training. Only 41 per cent of respondents said their organizations had mandatory cybersecurity awareness training for all staff.
For businesses hit by a data breach, less than 60% reported it to a regulatory government body and only 48% reported breaches to customers. Management only heard about data breaches 40% of the time and board of directors at 21%.
“While technical solutions are important, the best layer of security for any organization are cyber-aware employees. We are happy to see more organizations embracing cybersecurity awareness training as a critical element of their defense. However, there is more work to be done to ensure the quality and rigor of the training offered keeps pace with the ever-changing world of cybersecurity,” said Jacques Latour, chief security officer, CIRA, to iPhone in Canada in an issued statement.
For organizations using cybersecurity services to combat threats, 57% said they deployed DNS firewalls, while 51% utilized password managers and 41% said security training was implemented.
Data showed 43% of respondents noted their organizations did not have dedicated cybersecurity teams, citing a lack of resources.